homepage Welcome to WebmasterWorld Guest from 54.198.130.203
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
Forum Library, Charter, Moderators: bakedjake

Linux, Unix, and *nix like Operating Systems Forum

    
ssh from RH server to RH server
can't ssh from RH to RH
RonD




msg:4304974
 7:08 pm on Apr 27, 2011 (gmt 0)

Set up new RH6 server and am trying to ssh to it from another RH server and not getting a login prompt.

- serverA (old): uname -a returns "Linux <servername> 2.4.21-63.ELsmp #1 SMP <date & time> i686 i686 i386 GNU/Linux"
- serverB (new): uname -a returns "Linux <servername> 2.6.32-71.24.1.el6.x86_64 #1 SMP <date & time> x86_64 x86_64 x86_64 GNU/Linux)
- can ssh to both servers using Putty from a windows PC successfully
- can ssh from serverB to serverA
- cannot get a login prompt from serverB when attempting to ssh to it from serverA (times out)

have tried:
- turned firewall off on serverB
- ran "/etc/rc.d/init.d/iptables stop"
- added serverA to /etc/hosts file
- from serverA have used
- ssh serverA
- ssh <username>@serverA
- ssh -p 22 <username>@serverA
- ssh <serverB ip address>
- can successfully ssh back to serverA from serverA
- ssh <username>@localhost
- can successfully ssh back to serverB from serverB
- ssh <username>@localhost

What am I missing that would allow serverA to ssh to serverB? Obviously ssh is working on both servers as I can ssh into both of them with putty from a windows PC. They are obviously "talking" since I can ssh FROM server B to serverA. I just can't ssh from serverA to serverB (the new server).

Thank you for whatever advice/suggestions you might have. It's been a number of years since I've worked with Linux/Unix and I know I'm missing something.

Regards,
RonD

 

lammert




msg:4305163
 3:20 am on Apr 28, 2011 (gmt 0)

Hi RonD, first of all Welcome to WebmasterWorld!

SSH has different authentication methods with username/password, certificates and keyboard interactive. It could be that the SSH client of server A is trying an authentication method which is not enabled on server B.

A second option could be the /etc/hosts.allow file on server B. There could be some rules affecting SSH requests from remote servers.

dstiles




msg:4305597
 8:18 pm on Apr 28, 2011 (gmt 0)

Or a different port?

I tried ssh a while ago on a brand new windows server and got hundreds of hack attempts. I turned it off after an hour. If I ran it again I would change the port to obscure it. Could that be what's happened here?

RonD




msg:4305603
 8:39 pm on Apr 28, 2011 (gmt 0)

lammert - thank you for the welcome and information. I've checked the /etc/hosts.allow file on serverB & added serverA (didn't help). I have discovered (keep in mind, I've only been here 2 months and inherited this infrastructure) that serverA has both "authorizedkeys" and "known-hosts" files under ~/.ssh/. The "known-hosts" file has several entries in it, all indicating "ssh-rsa" and the key. It's been over 10 years since I've done hands-on work with Unix/Linux, so I'm looking for some guidance on what to do. It's a bit confusing, at least to me, that the authorizedkeys would impact SSH as I'm able to ssh INTO the server from other systems not listed in the "known-hosts" file. The problem appears to be doing an ssh FROM serverA to another system. I've used scp from serverB to copy the 2 files from serverA - still no success.

dstiles - thank you for the suggestion, but I don't think that's the problem as I can ssh into both servers using Putty from my desktop just fine. The problem continues to be using ssh FROM serverA to another machine - almost like ssh isn't making it out.

lammert




msg:4305713
 2:45 am on Apr 29, 2011 (gmt 0)

that serverA has both "authorizedkeys" and "known-hosts" files under ~/.ssh/. The "known-hosts" file has several entries in it, all indicating "ssh-rsa" and the key.

The known-hosts entries are those servers which you have had contact with SSH-ing from serverA to the outside world. You should check if the serverB is listed in the known-hosts file. If that is the case, both servers were able to talk with each other, they only couldn't agree on the authentication type.

Most important are differences in the /etc/ssh/sshd_config files on the two servers. That file configures the SSH daemon which accepts incoming requests.

RonD




msg:4305842
 12:35 pm on Apr 29, 2011 (gmt 0)

Issue has been resolved. After thinking about what did work and what didn't work, I had our network monitoring team look at our firewall and it was blocking ssh requests coming from serverA. They put a rule in to allow ssh from serverA to serverB only and it's working now.

Thank you all for your suggestions and recommendations.

lammert




msg:4305848
 12:46 pm on Apr 29, 2011 (gmt 0)

Glad to hear the issue is resolved!

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Linux, Unix, and *nix like Operating Systems
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved